﻿// Decompiled with JetBrains decompiler
// Type: Microsoft.InfoCards.CustomTokenProvider
// Assembly: infocard, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
// MVID: 8E14765A-6610-409A-BA36-099A0642905D
// Assembly location: E:\git\ALLIDA\windll\infocard.exe

using Microsoft.InfoCards.Diagnostics;
using System;
using System.Collections.ObjectModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security.Tokens;

namespace Microsoft.InfoCards
{
  /// <summary>
  /// Token provider that issues a token for a single <see cref="InfoCard"/> through
  /// <see cref="SelfIssuedSamlTokenFactory"/> and returns it wrapped in a
  /// <see cref="GenericXmlSecurityToken"/>.
  /// </summary>
  /// <remarks>
  /// The provider keeps the most recent <see cref="TokenDescriptor"/> and
  /// <see cref="SelfIssuedAuthProofToken"/> it created. The proof token is built from
  /// either the symmetric proof key or the object returned by
  /// <c>InfoCard.GetPrivateCryptography</c>, and the very same instance is handed to the
  /// returned <see cref="GenericXmlSecurityToken"/>. Disposing the provider therefore
  /// also disposes the proof token that the issued token still references.
  /// </remarks>
  internal class CustomTokenProvider : SecurityTokenProvider, IDisposable
  {
    private InfoCardPolicy m_policy;
    private InfoCard m_card;
    private IssuedSecurityTokenParameters m_parameters;
    private TokenDescriptor m_token;
    private EndpointAddress m_target;
    private SelfIssuedSamlTokenFactory m_tokenFactory;
    private bool m_isSelfIssuedCreds;
    private ProtocolProfile m_protocolProfile;
    private SelfIssuedAuthProofToken m_proofToken;

    /// <summary>
    /// Stores the inputs, builds and validates the policy, then creates the token factory.
    /// </summary>
    /// <param name="parameters">Issued-token parameters used to build the policy.</param>
    /// <param name="card">Card the token is created for.</param>
    /// <param name="target">Endpoint used to build the policy.</param>
    /// <param name="isSelfIssuedCreds">
    /// When true, the policy is additionally passed through
    /// <c>ThrowIfNonPpidClaimsPresent</c> during validation.
    /// </param>
    /// <param name="profile">Protocol profile used to build the policy.</param>
    /// <exception cref="TrustExchangeException">
    /// Policy creation or validation failed with a non-fatal error (see <see cref="ValidatePolicy"/>).
    /// </exception>
    public CustomTokenProvider(
      IssuedSecurityTokenParameters parameters,
      InfoCard card,
      EndpointAddress target,
      bool isSelfIssuedCreds,
      ProtocolProfile profile)
    {
      // Inputs consumed by ValidatePolicy() must be in place before it runs.
      m_parameters = parameters;
      m_target = target;
      m_protocolProfile = profile;
      m_isSelfIssuedCreds = isSelfIssuedCreds;
      m_card = card;

      // Policy problems surface here, before any token or key material is created.
      ValidatePolicy();

      m_tokenFactory = new SelfIssuedSamlTokenFactory();
    }

    /// <summary>
    /// Disposes the cached token descriptor and proof token, if any, and clears the fields.
    /// Calling it again afterwards is a no-op.
    /// </summary>
    public void Dispose()
    {
      if (m_token != null)
      {
        m_token.Dispose();
        m_token = null;
      }

      if (m_proofToken != null)
      {
        m_proofToken.Dispose();
        m_proofToken = null;
      }
    }

    /// <summary>
    /// Builds <c>m_policy</c> from the target, parameters and protocol profile and validates it.
    /// </summary>
    /// <exception cref="TrustExchangeException">
    /// Any non-fatal exception from policy creation, the self-issued claim check or
    /// <c>Validate()</c>; the original exception is passed along as the second constructor argument.
    /// </exception>
    private void ValidatePolicy()
    {
      try
      {
        m_policy = PolicyFactory.CreatePolicyForCustomTokenProvider(m_target, m_parameters, m_protocolProfile);
        m_policy.SetRecipientInfo(m_policy.ImmediateTokenRecipient, (string) null, 0U);

        // Only applied to self-issued credentials.
        // NOTE(review): judging by its name this rejects policies that request claims
        // other than the PPID - confirm against InfoCardPolicy.
        if (m_isSelfIssuedCreds)
        {
          m_policy.ThrowIfNonPpidClaimsPresent();
        }

        m_policy.Validate();
      }
      catch (Exception ex)
      {
        // Fatal exceptions propagate untouched.
        if (InfoCardTrace.IsFatal(ex))
        {
          throw;
        }

        // Every non-fatal failure is reported under the same "FailedReadingIPSTSPolicy"
        // message; the step that actually failed is only visible through the wrapped exception.
        throw InfoCardTrace.ThrowHelperError((Exception) new TrustExchangeException(SR.GetString("FailedReadingIPSTSPolicy"), ex));
      }
    }

    /// <summary>
    /// Creates a token for the card and returns it as a <see cref="GenericXmlSecurityToken"/>
    /// whose proof token is the newly created <see cref="SelfIssuedAuthProofToken"/>.
    /// </summary>
    /// <param name="timeout">Not read by this implementation.</param>
    /// <returns>The issued token, valid from the descriptor's effective time to its expiration time.</returns>
    /// <remarks>
    /// NOTE(review): each call overwrites <c>m_token</c> and <c>m_proofToken</c> without
    /// disposing the previous values, so if this is invoked more than once only the last
    /// descriptor and proof token are released by <see cref="Dispose"/>.
    /// </remarks>
    protected override SecurityToken GetTokenCore(TimeSpan timeout)
    {
      StoreConnection store = StoreConnection.GetConnection();

      // NOTE(review): this assignment sits outside the try block, so a throwing setter
      // would leave the connection open.
      m_card.Connection = store;
      try
      {
        m_token = m_tokenFactory.CreateToken(m_card, (TokenFactoryCredential) null, m_policy, false);

        if (m_token.SymmetricProof != null)
        {
          // Symmetric proof: wrap the proof key in an in-memory symmetric key.
          m_proofToken = new SelfIssuedAuthProofToken(
            new InMemorySymmetricSecurityKey(m_token.SymmetricProof.Key),
            m_token.ExpirationTime);
        }
        else
        {
          // No symmetric proof: use the card's cryptography object for the policy recipient.
          m_proofToken = new SelfIssuedAuthProofToken(
            m_card.GetPrivateCryptography(m_policy.Recipient.GetIdentifier()),
            m_token.ExpirationTime);
        }

        return new GenericXmlSecurityToken(
          m_token.ProtectedToken,
          m_proofToken,
          m_token.EffectiveTime,
          m_token.ExpirationTime,
          new SamlAssertionKeyIdentifierClause(m_token.TokenId), // internal token reference
          null,                                                  // no external token reference
          null);                                                 // no authorization policies
      }
      finally
      {
        // The card keeps the store connection only for the duration of this call.
        store.Close();
        m_card.Connection = null;
      }
    }
  }
}
